<?php

  require('includes/application_top.php');

  require(DIR_WS_CLASSES . 'currencies.php');
  $currencies = new sccurrencies();

  $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : '');
  if (tep_not_null($action)) {
    switch ($action) {
      case 'insert':
        function tep_encrypt_password($plain) {
            $password = '';
        
            for ($i=0; $i<10; $i++) {
              $password .= tep_rand();
            }
        
            $salt = substr(md5($password), 0, 2);
        
            $password = md5($salt . $plain) . ':' . $salt;
        
            return $password;
          }
        //$customers_id = tep_db_prepare_input($HTTP_POST_VARS['customers_id']);
        
        if (isset($HTTP_POST_VARS['gender'])) {
            $gender = tep_db_prepare_input($HTTP_POST_VARS['gender']);
          } else {
            $gender = false;
          }
        $firstname = tep_db_prepare_input($HTTP_POST_VARS['firstname']);
        $lastname = tep_db_prepare_input($HTTP_POST_VARS['lastname']);
        $dob = tep_db_prepare_input($HTTP_POST_VARS['dob']);
        
        $telephone = tep_db_prepare_input($HTTP_POST_VARS['telephone']);
        $email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);
        $street_address = tep_db_prepare_input($HTTP_POST_VARS['street_address']);
        $suburb = tep_db_prepare_input($HTTP_POST_VARS['suburb']);
        $state = tep_db_prepare_input($HTTP_POST_VARS['state']);
        $city = tep_db_prepare_input($HTTP_POST_VARS['city']);
        $country = tep_db_prepare_input($HTTP_POST_VARS['country']);  
        
        $orders_description = $HTTP_POST_VARS['orders_description'];
        date_default_timezone_set('Asia/Saigon');
        $created = tep_db_prepare_input(date("Y-m-d H:i:s"));
        
        $sql_data_array = array('customers_firstname' => $firstname,
                                  'customers_lastname' => $lastname,
                                  'customers_email_address' => $email_address,
                                  'customers_telephone' => $telephone,
                                  'customers_password' => tep_encrypt_password('123456'));
    
          $sql_data_array['customers_gender'] = $gender;
          $sql_data_array['customers_dob'] = tep_date_raw($dob);
    
          tep_db_perform(TABLE_CUSTOMERS, $sql_data_array);
    
          $customer_id = tep_db_insert_id();
          
        $sql_data_array = array('customers_id' => $customer_id,
                                  'entry_firstname' => $firstname,
                                  'entry_lastname' => $lastname,
                                  'entry_street_address' => $street_address,
                                  'entry_city' => $city,
                                  'entry_country_id' => $country);
    
          $sql_data_array['entry_gender'] = $gender;          
          $sql_data_array['entry_suburb'] = $suburb;
          $sql_data_array['entry_state'] = $state;
          tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);

          $address_id = tep_db_insert_id();
    
          tep_db_query("update " . TABLE_CUSTOMERS . " set customers_default_address_id = '" . (int)$address_id . "' where customers_id = '" . (int)$customer_id . "'");
    
          tep_db_query("insert into " . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . (int)$customer_id . "', '0', now())");
        
        $check_query = tep_db_query("select orders_id from orders_new where orders_description = '" . $orders_description . "' limit 1");

        if (tep_db_num_rows($check_query) < 1) {
          tep_db_query("insert into orders_new (customers_id, orders_description, created) values ('" . (int)$customer_id . "', '" . $orders_description . "','" . tep_db_input($created) . "')");
        } else {
          $messageStack->add_session('Không thể thêm mới đặt hàng', 'error');
        }

        tep_redirect(tep_href_link('orders_product.php'));
        break;  
      case 'save':
        
        $id = $HTTP_GET_VARS['aID'];
        $status = tep_db_prepare_input($HTTP_POST_VARS['status']);
        
        tep_db_query("update orders_new set status_id = '" . tep_db_input($status) . "' where orders_id = '" . $id . "'");
        
        date_default_timezone_set('Asia/Saigon');
        $created = tep_db_prepare_input(date("Y-m-d H:i:s"));
        tep_db_query("insert into orders_new_status_history (orders_id, status_id, created) values ('" . $id . "', '" . tep_db_input($status) . "', '" . tep_db_input($created) . "')");
        
        $c_query = tep_db_query("select customers_id from orders_new where orders_id=".$id);
        $c_orders_values = tep_db_fetch_array($c_query);
        $c_email_query = tep_db_query("select customers_email_address from customers where customers_id=".$c_orders_values['customers_id']);
        $c_email_values = tep_db_fetch_array($c_email_query);
        $c_status_query = tep_db_query("select status_name from orders_new_status where status_id=".$status);
        $c_status_values = tep_db_fetch_array($c_status_query);
        
        $email = STORE_NAME . "<br />\n------------------------------------------------------\n<br />".'Đơn hàng số: ' . $id . "<br />\n" . tep_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'orders_product_history_info.php?order_id=' . $id, 'SSL') . "<br />Trạng thái hiện tại: \n\n\n" . $c_status_values['status_name'];        
        require_once('ext/Rmail.php');    
        $mail = new Rmail();        
        $mail->setPriority('high');        
        $mail->setFrom(STORE_OWNER.' <ushop@ushop.vn>');
        $mail->setReceipt('ushop@ushop.vn');
        $mail->setSubject('ushop.vn Thông tin đặt hàng Mỹ');                                        
        $mail->setHTML($email);
        $address = $c_email_values['customers_email_address'];	
        $result  = $mail->send(array($address),'smtp');
        
        tep_redirect(tep_href_link('orders_product.php', 'aID=' . (int)$HTTP_GET_VARS['aID']));
        break;
      case 'deleteconfirm':
        $id = tep_db_prepare_input($HTTP_GET_VARS['aID']);

        tep_db_query("delete from orders_new_product where orders_id = '" . (int)$id . "'");
        tep_db_query("delete from orders_new where orders_id = '" . (int)$id . "'");        
        
        tep_redirect(tep_href_link('orders_product.php'));
        break;
      case 'priceconfirm':
        $id = tep_db_prepare_input($HTTP_GET_VARS['aID']);
        $currency_reply = tep_db_prepare_input($HTTP_POST_VARS['currency_reply']);
        $tax_reply = tep_db_prepare_input($HTTP_POST_VARS['tax_reply']);
        $ship_reply = tep_db_prepare_input($HTTP_POST_VARS['ship_reply']);
        $price = $HTTP_POST_VARS['price'];
        $status = tep_db_prepare_input($HTTP_POST_VARS['status']);
        
        $product_orders_query = tep_db_query("select * from orders_new_product where orders_id=".$id);
        $stt_product = 1;
        while($product_orders_values = tep_db_fetch_array($product_orders_query)){
            $price_reply[] = $HTTP_POST_VARS['price_reply'.$stt_product].',';
            //$currency_reply = $HTTP_POST_VARS['currency_reply'.$stt_product].',';
        $stt_product++;
        }
        $price_reply = implode("", $price_reply);
        //$currency_reply = implode("", $currency_reply);
        //print_r($price_reply);
        tep_db_query("update orders_new set currency_reply = '" . $currency_reply . "', price_reply = '" . $price_reply . "', tax_reply = '" . tep_db_input($tax_reply) . "', ship_reply = '" . tep_db_input($ship_reply) . "', status_id = '" . tep_db_input($status) . "' where orders_id = '" . (int)$id . "'");        

        date_default_timezone_set('Asia/Saigon');
        $created = tep_db_prepare_input(date("Y-m-d H:i:s"));
        tep_db_query("insert into orders_new_status_history (orders_id, status_id, created) values ('" . (int)$HTTP_GET_VARS['aID'] . "', '" . tep_db_input($status) . "', '" . tep_db_input($created) . "')");
        
        // send mail to customer
        $orders_send_query = tep_db_query("select * from orders_new where orders_id = '" . $id . "'");
        $orders_send = tep_db_fetch_array($orders_send_query);
        $account_send_query = tep_db_query("select * from " . TABLE_CUSTOMERS . " where customers_id = '" . $orders_send['customers_id'] . "'");
        $account_send = tep_db_fetch_array($account_send_query);
        $name = $account_send['firstname'] . ' ' . $account_send['lastname'];
        $email_address = $account_send['customers_email_address'];
          
          //$email_text = sprintf(EMAIL_GREET_NONE, $name);              
          //$email_text .= EMAIL_WELCOME . $price . EMAIL_TEXT . EMAIL_CONTACT . EMAIL_WARNING;
          //tep_mail($name, $email_address, EMAIL_SUBJECT, $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
            
            $c_status_query = tep_db_query("select status_name from orders_new_status where status_id=".$status);
            $c_status_values = tep_db_fetch_array($c_status_query);
            
            $email = STORE_NAME . "<br />\n------------------------------------------------------\n<br />".'Đơn hàng số: ' . $id . "<br />\n" . tep_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'orders_product_history_info.php?order_id=' . $id, 'SSL') . "<br />Trạng thái hiện tại: \n\n\n" . $c_status_values['status_name'];        
            require_once('ext/Rmail.php');    
            $mail = new Rmail();        
            $mail->setPriority('high');        
            $mail->setFrom(STORE_OWNER.' <ushop@ushop.vn>');
            $mail->setReceipt('ushop@ushop.vn');
            $mail->setSubject('ushop.vn Thông tin đặt hàng Mỹ');                                        
            $mail->setHTML($email);
            $address = $email_address;	
            $result  = $mail->send(array($address),'smtp');
            
        tep_redirect(tep_href_link('orders_product.php', 'aID=' . (int)$HTTP_GET_VARS['aID']));
        
        break;
      case 'depositconfirm':
        $id = tep_db_prepare_input($HTTP_GET_VARS['aID']);
        $deposit = tep_db_prepare_input($HTTP_POST_VARS['deposit']);
        $currency_deposit = tep_db_prepare_input($HTTP_POST_VARS['currency_deposit']);
        $status = tep_db_prepare_input($HTTP_POST_VARS['status']);

        tep_db_query("update orders_new set deposit = '" . tep_db_input($deposit) . "', currency='" . tep_db_input($currency_deposit) . "', status_id = '" . tep_db_input($status) . "' where orders_id = '" . (int)$id . "'");
        
        date_default_timezone_set('Asia/Saigon');
        $created = tep_db_prepare_input(date("Y-m-d H:i:s"));
        tep_db_query("insert into orders_new_status_history (orders_id, status_id, created) values ('" . (int)$HTTP_GET_VARS['aID'] . "', '" . tep_db_input($status) . "', '" . tep_db_input($created) . "')");
        
        $c_query = tep_db_query("select customers_id from orders_new where orders_id=".$id);
        $c_orders_values = tep_db_fetch_array($c_query);
        $c_email_query = tep_db_query("select customers_email_address from customers where customers_id=".$c_orders_values['customers_id']);
        $c_email_values = tep_db_fetch_array($c_email_query);
        $c_status_query = tep_db_query("select status_name from orders_new_status where status_id=".$status);
        $c_status_values = tep_db_fetch_array($c_status_query);
        
        $email = STORE_NAME . "<br />\n------------------------------------------------------\n<br />".'Đơn hàng số: ' . $id . "<br />\n" . tep_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'orders_product_history_info.php?order_id=' . $id, 'SSL') . "<br />Trạng thái hiện tại: \n\n\n" . $c_status_values['status_name'];        
        require_once('ext/Rmail.php');    
        $mail = new Rmail();        
        $mail->setPriority('high');        
        $mail->setFrom(STORE_OWNER.' <ushop@ushop.vn>');
        $mail->setReceipt('ushop@ushop.vn');
        $mail->setSubject('ushop.vn Thông tin đặt hàng Mỹ');                                        
        $mail->setHTML($email);
        $address = $c_email_values['customers_email_address'];	
        $result  = $mail->send(array($address),'smtp');
        
        tep_redirect(tep_href_link('orders_product.php', 'aID=' . (int)$HTTP_GET_VARS['aID']));
        break;  
      case 'deleted_status_history':
        $id = tep_db_prepare_input($HTTP_GET_VARS['status_his_ID']);
        $aID = tep_db_prepare_input($HTTP_GET_VARS['aID']);

        tep_db_query("delete from orders_new_status_history where status_history_id = '" . (int)$id . "'");

        tep_redirect(tep_href_link('orders_product.php', 'aID=' . (int)$HTTP_GET_VARS['aID']));
        break;
    }  
  }  
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
<script language="javascript" src="includes/general.js"></script>
<script src="http://js.nicedit.com/nicEdit-latest.js" type="text/javascript"></script>
<script type="text/javascript">bkLib.onDomLoaded(nicEditors.allTextAreas);</script>
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF" onload="SetFocus();">
<div id="spiffycalendar" class="text"></div>
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->

<!-- body //-->
<table border="0" width="100%" cellspacing="2" cellpadding="2">
  <tr>
    <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="1" cellpadding="1" class="columnLeft">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
    </table></td>
<!-- body_text //-->
    <td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
      <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td class="pageHeading"><?php echo HEADING_TITLE; ?> <a href="<?php echo tep_href_link('orders_product.php', 'action=new'); ?>"><?php //echo tep_image_button('button_insert.gif', IMAGE_INSERT); ?></a></td>
            <td>
            <?php           
            echo tep_draw_form('search_status', 'orders_product.php', '', 'post');
              $status_array = array();
              $status_array[] = array('id' => '', 'text' => 'Tất cả');
              $orders_status1_query = tep_db_query("select * from orders_new_status where published = 1");
              while ($orders_status1 = tep_db_fetch_array($orders_status1_query)) {
                $status_array[] = array('id' => $orders_status1['status_id'], 'text' => $orders_status1['status_name']);
              }
              
                $deposit_array = array();
                $deposit_array[] = array('id' => '', 'text' => 'Tất cả');
                $deposit_array[] = array('id' => '1', 'text' => 'Đã đặt cọc');
                $deposit_array[] = array('id' => '2', 'text' => 'Chưa đặt cọc');      
              
              echo tep_draw_input_field('search_keyword') . ' Trạng thái đơn hàng: ' . tep_draw_pull_down_menu('status', $status_array,'', 'onChange="this.form.submit();"').' Trạng thái tiền cọc: ' . tep_draw_pull_down_menu('deposit', $deposit_array,'', 'onChange="this.form.submit();"');
              
              echo tep_hide_session_id() . '</form>';
            ?>
            </td>
            </tr>
        </table></td>
      </tr>
      <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
              <tr class="dataTableHeadingRow">
                <td class="dataTableHeadingContent">Khách hàng</td>
                <td class="dataTableHeadingContent">Ngày đặt</td>
                <td class="dataTableHeadingContent">Tiền đặt cọc</td>
                <td class="dataTableHeadingContent">Trạng thái</td>
                <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?>&nbsp;</td>
              </tr>
<?php
    $status = $HTTP_POST_VARS['status'];
    $deposit = $HTTP_POST_VARS['deposit'];
    $search_keyword = $HTTP_POST_VARS['search_keyword'];
    if($status){
        $orders_query_raw = "select * from orders_new where status_id = '".$status."' order by created desc";                    
    }elseif($deposit == 1){
        $orders_query_raw = "select * from orders_new where deposit != '' order by created desc";
    }elseif($deposit == 2){
        $orders_query_raw = "select * from orders_new where deposit = '' order by created desc";
    }else{
        $orders_query_raw = "select * from orders_new order by created desc";    
    }
    if($search_keyword){
        $orders_query_raw_select = "select o.*,c.customers_firstname,c.customers_lastname from orders_new o, " . TABLE_CUSTOMERS . " c";
        $orders_query_raw_where = " where o.customers_id = c.customers_id";
        
        $orders_sub_query = tep_db_query("select o.*,c.customers_firstname,c.customers_lastname from orders_new o, " . TABLE_CUSTOMERS . " c  where o.customers_id = c.customers_id and c.customers_firstname like '%" . tep_db_input($search_keyword) . "%'");
        $orders_sub = tep_db_fetch_array($orders_sub_query);
        if($orders_sub){
            $orders_query_raw_where .= " and c.customers_firstname like '%" . tep_db_input($search_keyword) . "%'";
        }
        $orders_sub2_query = tep_db_query("select o.*,c.customers_firstname,c.customers_lastname from orders_new o, " . TABLE_CUSTOMERS . " c  where o.customers_id = c.customers_id and c.customers_lastname like '%" . tep_db_input($search_keyword) . "%'");
        $orders_sub2 = tep_db_fetch_array($orders_sub2_query);
        if($orders_sub2){
            $orders_query_raw_where .= " and c.customers_lastname like '%" . tep_db_input($search_keyword) . "%'";
        }
        
        $orders_query_raw_order = "  order by o.created desc";
        $orders_query_raw = $orders_query_raw_select.$orders_query_raw_where.$orders_query_raw_order;
    }
  
  $orders_split = new splitPageResults($HTTP_GET_VARS['page'], MAX_DISPLAY_SEARCH_RESULTS, $orders_query_raw, $orders_product_query_numrows);
  $orders_query = tep_db_query($orders_query_raw);  
  
  while ($orders = tep_db_fetch_array($orders_query)) {
    if ((!isset($HTTP_GET_VARS['aID']) || (isset($HTTP_GET_VARS['aID']) && ($HTTP_GET_VARS['aID'] == $orders['orders_id']))) && !isset($aInfo) && (substr($action, 0, 3) != 'new')) {
      $aInfo = new objectInfo($orders);
      //print_r($aInfo);
    }
    
    if ( (isset($aInfo) && is_object($aInfo)) && ($orders['orders_id'] == $aInfo->orders_id) ) {
      echo '                  <tr id="defaultSelected" class="dataTableRowSelected" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . tep_href_link('orders_product.php', 'aID=' . $aInfo->orders_id) . '\'">' . "\n";
    } else {
      echo '                  <tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . tep_href_link('orders_product.php', 'aID=' . $orders['orders_id']) . '\'">' . "\n";
    }
    
    $account_query = tep_db_query("select * from " . TABLE_CUSTOMERS . " where customers_id = '" . $orders['customers_id'] . "'");
    $account = tep_db_fetch_array($account_query);
    
    $orders_status_query = tep_db_query("select * from orders_new_status where status_id = '" . $orders['status_id'] . "'");
    $orders_status = tep_db_fetch_array($orders_status_query);
    
    $address_query = tep_db_query("select * from " . TABLE_ADDRESS_BOOK . " where address_book_id = '" . (int)$account['customers_default_address_id'] . "'");
    $address = tep_db_fetch_array($address_query);
    
    $country_query = tep_db_query("select * from " . TABLE_COUNTRIES . " where countries_id = '" . (int)$address['entry_country_id'] . "'");
    $country = tep_db_fetch_array($country_query);
?>
                <td class="dataTableContent"><?php echo ''.$account['customers_firstname'].' '.$account['customers_lastname']; ?></td>
                <td class="dataTableContent"><?php echo $orders['created']; ?></td>
                <td class="dataTableContent">
                <?php
                    if($orders['currency'] == 'VND'){                        
                        echo $currencies->format($orders['deposit']);
                    }else{
                        echo $orders['deposit'].' '.$orders['currency'];
                    }
                ?>
                </td>
                <td class="dataTableContent">
                    <?php
                    if($orders['status_id']==0){
                        echo "Chờ xử lý";
                    }else{
                        echo $orders_status['status_name'];    
                    }                           
                    ?>
                </td>
                <td class="dataTableContent" align="right"><?php if ( (isset($aInfo) && is_object($aInfo)) && ($orders['orders_id'] == $aInfo->orders_id) ) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '<a href="' . tep_href_link('orders_product.php', 'aID=' . $orders['orders_id']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>'; } ?>&nbsp;</td>
              </tr>
<?php
  }
?>
            </table></td></tr>
            <?php //echo EMAIL_GREET_NONE . EMAIL_WELCOME . $orders['price'] . EMAIL_TEXT . EMAIL_CONTACT . EMAIL_WARNING.STORE_OWNER.STORE_OWNER_EMAIL_ADDRESS; ?>
            <tr>
                <td class="smallText" valign="top" align="right">
                    <?php echo $orders_split->display_count($orders_product_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_ORDERS); ?>
                    <?php echo $orders_split->display_links($orders_product_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?>
                </td>
              </tr>
<?php
$account1_query = tep_db_query("select * from " . TABLE_CUSTOMERS . " where customers_id = '" . $aInfo->customers_id . "'");
$account1 = tep_db_fetch_array($account1_query);

$address1_query = tep_db_query("select * from " . TABLE_ADDRESS_BOOK . " where address_book_id = '" . (int)$account1['customers_default_address_id'] . "'");
$address1 = tep_db_fetch_array($address1_query);

$country1_query = tep_db_query("select * from " . TABLE_COUNTRIES . " where countries_id = '" . (int)$address1['entry_country_id'] . "'");
$country1 = tep_db_fetch_array($country1_query);

  $heading = array();
  $contents = array();  

  switch ($action) {
    case 'new':
      $heading[] = array('text' => '<b>Thêm đặt hàng mới</b>');

      $contents = array('form' => tep_draw_form('orders_product', 'orders_product.php', '&action=insert'));
      //$contents[] = array('text' => '<br>' . 'ID khách hàng' . '<br>' . tep_draw_input_field('customers_id'));
      $contents[] = array('text' => '<table border="0" width="100%" cellspacing="0" cellpadding="2">');
      $contents[] = array('text' => '<tr><td class="dataTableContent"><b>Thông tin khách hàng</b></td><td class="dataTableContent"></td></tr>');
      $contents[] = array('text' => '<tr><td class="dataTableContent">' . ENTRY_GENDER . '</td><td class="dataTableContent">' . tep_draw_radio_field('gender', 'm') . '&nbsp;&nbsp;' . MALE . '&nbsp;&nbsp;' . tep_draw_radio_field('gender', 'f') . '&nbsp;&nbsp;' . FEMALE .'</td></tr>');
      $contents[] = array('text' => '<tr><td class="dataTableContent">' . ENTRY_FIRST_NAME. '</td><td class="dataTableContent">' . tep_draw_input_field('firstname') .'</td></tr>');
      $contents[] = array('text' => '<tr><td class="dataTableContent">' . ENTRY_LAST_NAME. '</td><td class="dataTableContent">' . tep_draw_input_field('lastname') .'</td></tr>');
      $contents[] = array('text' => '<tr><td class="dataTableContent">' . ENTRY_DATE_OF_BIRTH. '</td><td class="dataTableContent">' . tep_draw_input_field('dob') . '&nbsp;(eg. 28/04/1981)' .'</td></tr>');
      $contents[] = array('text' => '<tr><td class="dataTableContent"><b>Thông tin liên hệ</b></td><td class="dataTableContent"></td></tr>');
      $contents[] = array('text' => '<tr><td class="dataTableContent">' . ENTRY_TELEPHONE_NUMBER. '</td><td class="dataTableContent">' . tep_draw_input_field('telephone') .'</td></tr>');
      $contents[] = array('text' => '<tr><td class="dataTableContent">' . ENTRY_EMAIL_ADDRESS. '</td><td class="dataTableContent">' . tep_draw_input_field('email_address') .'</td></tr>');
      $contents[] = array('text' => '<tr><td class="dataTableContent">' . ENTRY_STREET_ADDRESS. '</td><td class="dataTableContent">' . tep_draw_input_field('street_address') .'</td></tr>');
      $contents[] = array('text' => '<tr><td class="dataTableContent">Phường</td><td class="dataTableContent">' . tep_draw_input_field('suburb') .'</td></tr>');
      $contents[] = array('text' => '<tr><td class="dataTableContent">Quận/Huyện</td><td class="dataTableContent">' . tep_draw_input_field('state') .'</td></tr>');      
      $contents[] = array('text' => '<tr><td class="dataTableContent">' . ENTRY_CITY. '</td><td class="dataTableContent">' . tep_draw_input_field('city') .'</td></tr>');
      
      function tep_get_country_list($name, $selected = '', $parameters = '') {
        $countries_array = array(array('id' => '', 'text' => 'Chọn 1 quốc gia'));
        $countries = tep_get_countries1();
    
        for ($i=0, $n=sizeof($countries); $i<$n; $i++) {
          $countries_array[] = array('id' => $countries[$i]['countries_id'], 'text' => $countries[$i]['countries_name']);
        }
    
        return tep_draw_pull_down_menu($name, $countries_array, $selected, $parameters);
      }
      function tep_get_countries1($countries_id = '', $with_iso_codes = false) {
        $countries_array = array();
        if (tep_not_null($countries_id)) {
          if ($with_iso_codes == true) {
            $countries = tep_db_query("select countries_name, countries_iso_code_2, countries_iso_code_3 from " . TABLE_COUNTRIES . " where countries_id = '" . (int)$countries_id . "' order by countries_name");
            $countries_values = tep_db_fetch_array($countries);
            $countries_array = array('countries_name' => $countries_values['countries_name'],
                                     'countries_iso_code_2' => $countries_values['countries_iso_code_2'],
                                     'countries_iso_code_3' => $countries_values['countries_iso_code_3']);
          } else {
            $countries = tep_db_query("select countries_name from " . TABLE_COUNTRIES . " where countries_id = '" . (int)$countries_id . "'");
            $countries_values = tep_db_fetch_array($countries);
            $countries_array = array('countries_name' => $countries_values['countries_name']);
          }
        } else {
          $countries = tep_db_query("select countries_id, countries_name from " . TABLE_COUNTRIES . " order by countries_name");
          while ($countries_values = tep_db_fetch_array($countries)) {
            $countries_array[] = array('countries_id' => $countries_values['countries_id'],
                                       'countries_name' => $countries_values['countries_name']);
          }
        }
    
        return $countries_array;
      }
      $contents[] = array('text' => '<tr><td class="dataTableContent">'.ENTRY_COUNTRY.'</td><td class="dataTableContent">' . tep_get_country_list('country') .'</td></tr>');
      
      $contents[] = array('text' => '<tr><td class="dataTableContent"><b>Thông tin sản phẩm đặt hàng</b></td><td class="dataTableContent"></td></tr>');
      $contents[] = array('text' => '<tr><td class="dataTableContent"></td><td class="dataTableContent">' . tep_draw_textarea_field('orders_description', 'soft', '60', '5') .'</td></tr>');
      
      $contents[] = array('align' => 'left', 'text' => '<tr><td></td><td>' . tep_image_submit('button_save.gif', IMAGE_SAVE) . '&nbsp;<a href="' . tep_href_link('orders_product.php') . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a></td></tr></table>');
      break;
    case 'edit':
      $heading[] = array('text' => '<b>' . $account1['customers_firstname'].' '.$account1['customers_lastname'] . '</b>');

      $contents = array('form' => tep_draw_form('orders_product', 'orders_product.php', 'aID=' . $aInfo->orders_id . '&action=save'));
      
      //$contents[] = array('text' => '<br>' . 'Thông tin đặt hàng' . '<br>' . tep_draw_textarea_field('orders_description', 'soft', '60', '5',$aInfo->orders_description));
      
      $status_array = array();
      $orders_status1_query = tep_db_query("select * from orders_new_status where published = 1");
      while ($orders_status1 = tep_db_fetch_array($orders_status1_query)) {
        $status_array[] = array('id' => $orders_status1['status_id'], 'text' => $orders_status1['status_name']);
      }      
      
      $contents[] = array('text' => '<br>' . 'Trạng thái đơn hàng' . '<br>' . tep_draw_pull_down_menu('status', $status_array, $aInfo->status_id));
      
      echo tep_draw_hidden_field('status');
      $contents[] = array('align' => 'left', 'text' => '<br>' . tep_image_submit('button_update.gif', IMAGE_UPDATE) . '&nbsp;<a href="' . tep_href_link('orders_product.php', 'aID=' . $aInfo->orders_id) . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
      break;
    case 'delete':
      $heading[] = array('text' => '<b>' . $account1['customers_firstname'].' '.$account1['customers_lastname'] . '</b>');

      $contents = array('form' => tep_draw_form('orders_product', 'orders_product.php', 'aID=' . $aInfo->orders_id . '&action=deleteconfirm'));
      $contents[] = array('text' => TEXT_INFO_DELETE_INTRO.' <b>' . $account1['customers_firstname'].' '.$account1['customers_lastname'] . '</b>');
      $contents[] = array('align' => 'left', 'text' => '<br>' . tep_image_submit('button_delete.gif', 'Xóa') . '&nbsp;<a href="' . tep_href_link('orders_product.php', 'aID=' . $aInfo->orders_id) . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
      break;
    case 'price':
      $heading[] = array('text' => '<b>' . $account1['customers_firstname'].' '.$account1['customers_lastname'] . '</b>');

      $contents = array('form' => tep_draw_form('orders_product', 'orders_product.php', 'aID=' . $aInfo->orders_id . '&action=priceconfirm'));
      
      $contents[] = array('text' => '<table border="0" cellpadding="2" cellspacing="2" width="100%">');
      
      $currency_reply_array[] = array('id' => 'VND', 'text' => 'VNĐ');
      $currency_reply_array[] = array('id' => 'USD', 'text' => 'USD');
      $contents[] = array('text' => '<tr><td class="dataTableContent">Báo giá theo: </td><td class="dataTableContent">' . tep_draw_pull_down_menu('currency_reply', $currency_reply_array, $aInfo->currency_reply).'</td></tr>');
      
      $price_reply_val = explode(',', $aInfo->price_reply);
      $product_orders_query = tep_db_query("select * from orders_new_product where orders_id=".$aInfo->orders_id);
      $stt_product = 1;
      while($product_orders_values = tep_db_fetch_array($product_orders_query)){
          //$contents[] = array('text' => '<tr><td class="dataTableContent">Số lượng sản phẩm '.$stt_product.': </td><td class="dataTableContent">' . tep_draw_input_field('quanlity_reply'.$stt_product).'</td></tr>');
          $contents[] = array('text' => '<tr><td class="dataTableContent">Số lượng sản phẩm '.$stt_product.': </td><td class="dataTableContent">' . $product_orders_values['quanlity'] . '</td></tr>');
          $contents[] = array('text' => '<tr><td class="dataTableContent">Giá sản phẩm '.$stt_product.': </td><td class="dataTableContent">' . tep_draw_input_field('price_reply'.$stt_product,$price_reply_val[$stt_product-1]).'</td></tr>');
          /*
          $currency_reply = explode(',', $aInfo->currency_reply);
          tep_draw_pull_down_menu('currency_reply'.$stt_product, $currency_reply_array, $currency_reply[$stt_product-1])
          */
      $stt_product++;
      }
      $contents[] = array('text' => '<tr><td class="dataTableContent">Thuế: </td><td class="dataTableContent">' . tep_draw_input_field('tax_reply',$aInfo->tax_reply).'</td></tr>');
      $contents[] = array('text' => '<tr><td class="dataTableContent">Chi phí vận chuyển: </td><td class="dataTableContent">' . tep_draw_input_field('ship_reply',$aInfo->ship_reply).'</td></tr>');
      $contents[] = array('text' => '<tr><td></td><td class="dataTableContent">'.tep_draw_textarea_field('price', 'soft', '60', '5').'</td></tr>');
      
      $status_array = array();
      $orders_status1_query = tep_db_query("select * from orders_new_status where published = 1");
      while ($orders_status1 = tep_db_fetch_array($orders_status1_query)) {
        $status_array[] = array('id' => $orders_status1['status_id'], 'text' => $orders_status1['status_name']);
      }      
      
      $contents[] = array('text' => '<tr><td class="dataTableContent">' . 'Trạng thái đơn hàng' . '</td><td class="dataTableContent">' . tep_draw_pull_down_menu('status', $status_array, $aInfo->status_id).'</td></tr>');
      
      echo tep_draw_hidden_field('currency_reply');
      echo tep_draw_hidden_field('status');
      
      $contents[] = array('align' => 'left', 'text' => '<tr><td></td><td class="dataTableContent">' . tep_image_submit('button_price.gif', 'Báo giá') . '&nbsp;<a href="' . tep_href_link('orders_product.php', 'aID=' . $aInfo->orders_id) . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a></td></tr>');
      $contents[] = array('text' => '</table>');
      break;
    case 'deposit':
      $heading[] = array('text' => '<b>' . $account1['customers_firstname'].' '.$account1['customers_lastname'] . '</b>');

      $contents = array('form' => tep_draw_form('orders_product', 'orders_product.php', 'aID=' . $aInfo->orders_id . '&action=depositconfirm'));
      $contents[] = array('text' => 'Số tiền khách đặt cọc: '.tep_draw_input_field('deposit').' <select name="currency_deposit">
                    <option value="VND">VNĐ</option>
                    <option value="USD">USD</option>
                </select> (Nếu 300.000 VNĐ thì viết là 300 ; Nếu 300 USD thì viết là 300)');
      
      $status_array = array();
      $orders_status1_query = tep_db_query("select * from orders_new_status where published = 1");
      while ($orders_status1 = tep_db_fetch_array($orders_status1_query)) {
        $status_array[] = array('id' => $orders_status1['status_id'], 'text' => $orders_status1['status_name']);
      }      
      
      $contents[] = array('text' => '<br>' . 'Trạng thái đơn hàng' . '<br>' . tep_draw_pull_down_menu('status', $status_array, $aInfo->status_id));
      
      echo tep_draw_hidden_field('status');
      echo tep_draw_hidden_field('currency_deposit');
      
      $contents[] = array('align' => 'left', 'text' => '<br>' . tep_image_submit('button_deposit.gif', 'Báo giá') . '&nbsp;<a href="' . tep_href_link('orders_product.php', 'aID=' . $aInfo->orders_id) . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
      break;    
    default:
      if (isset($aInfo) && is_object($aInfo)) {
        $heading[] = array('text' => '<b>' . $account1['customers_firstname'].' '.$account1['customers_lastname'] . '</b>');
        
        $contents[] = array('text' => '<b>Điện thoại:</b> '.$account1['customers_telephone']);
        $contents[] = array('text' => '<b>Địa chỉ:</b> '.$address1['entry_street_address'].' '.$address1['entry_suburb'].' '.$address1['entry_state'].' '.$address1['entry_city'].' '.$country1['countries_name']);
        $contents[] = array('text' => '<b>Fax:</b> '.$account1['customers_fax']);
        $contents[] = array('text' => '<b>E-mail:</b> '.$account1['customers_email_address']);
        
        $contents[] = array('text' => '<b>Thông tin sản phẩm:</b><table border="0" cellpadding="2" cellspacing="2" width="100%">
          <tr bgcolor="#EFEFEF">
            <td class="dataTableContent" align="center" style="font-weight: bold;">STT</td>
            <td class="dataTableContent" align="center" style="font-weight: bold;">Hình ảnh</td>
            <td class="dataTableContent" align="center" style="font-weight: bold;">Số lượng</td>
            <td class="dataTableContent" align="center" style="font-weight: bold;">Liên kết</td>
            <td class="dataTableContent" align="center" style="font-weight: bold;">Giá</td>
            <td class="dataTableContent" align="center" style="font-weight: bold;">Mô tả</td>
          </tr>');
            $stt = 1;
            $product_query = tep_db_query("select * from orders_new_product where orders_id = '".$aInfo->orders_id."' order by orders_product_id");
            while ($product = tep_db_fetch_array($product_query)) {
                if($product['currency'] == 'VND'){ 
                    $product_price = $currencies->display_price($product['price'], tep_get_tax_rate($product['products_tax_class_id']));
                }else{
                    $product_price = $product['price'].' '.$product['currency'];
                }
                $contents[] = array('text' => '<tr>
                                        <td class="dataTableContent" align="center">'. $stt .'</td>
                                        <td class="dataTableContent" align="center"><img src="'. $product['images_url'] .'" width="100px" /></td>
                                        <td class="dataTableContent" align="center">'. $product['quanlity'] .'</td>
                                        <td class="dataTableContent" align="center">'. $product['weblink'] .'</td>
                                        <td class="dataTableContent" align="center">'. $product_price .'</td>
                                        <td class="dataTableContent" align="center">'. $product['description'] .'</td>
                                        </tr>
                                    ');
            $stt++;    
            }         
          $contents[] = array('text' => '</table>');
        
        $contents[] = array('text' => '<b>Báo giá sản phẩm:</b><div style="padding-left:30px;">');
        if($aInfo->price_reply){
            /*
            - Lấy currency_reply từ db đưa vào array và bỏ dấu ,
            - Lấy tất cả sản phẩm của đơn hàng được chọn để gán price_reply, currency_reply theo sản phẩm
            - Kiểm tra currency_reply, để thể hiện loại tiền tệ cho sản phẩm                        
            $currency_reply = explode(',', $aInfo->currency_reply);
            $currency_reply_query = tep_db_query("select * from orders_new_product where orders_id=".$aInfo->orders_id);
            $stt_product_cur = 1;
            while($currency_reply_values = tep_db_fetch_array($currency_reply_query)){
                if($currency_reply_values[$stt_product_cur-1] == 'USD'){
                    $contents[] = array('text' => '<table border="0" width="400px" cellspacing="2" cellpadding="2">');
                    $price_reply = explode(',', $aInfo->price_reply); 
                    $product_orders_query = tep_db_query("select * from orders_new_product where orders_id=".$aInfo->orders_id);
                    $stt_product = 1;
                    while($product_orders_values = tep_db_fetch_array($product_orders_query)){
                        $contents[] = array('text' => '<tr><td class="dataTableContent">Số lượng sản phẩm '.$stt_product.': </td><td class="dataTableContent">'.$product_orders_values['quanlity'].'</td></tr>');
                        $contents[] = array('text' => '<tr><td class="dataTableContent">Giá sản phẩm '.$stt_product.': </td><td class="dataTableContent">'.$price_reply[$stt_product-1].' '.$currency_reply_values[$stt_product_cur-1].'</td></tr>');  
                    $stt_product++;
                    }            
                    $contents[] = array('text' => '<tr><td class="dataTableContent">Thuế: </td><td class="dataTableContent">'. $aInfo->tax_reply.' '.$currency_reply_values[$stt_product_cur-1].'</td></tr>');
                    $contents[] = array('text' => '<tr><td class="dataTableContent">Chi phí vận chuyển: </td><td class="dataTableContent">'. $aInfo->ship_reply.' '.$currency_reply_values[$stt_product_cur-1].'</td></tr>');
                    
                    $sum_price = array_sum($price_reply) + $aInfo->tax_reply + $aInfo->ship_reply;
                    $contents[] = array('text' => '<tr><td class="dataTableContent"><b>Tổng cộng: </b></td><td class="dataTableContent"><br /><b>'.$sum_price.' '.$currency_reply_values[$stt_product_cur-1].'</b></td></tr>');
                    $contents[] = array('text' => '</table></div>');
            $stt_product_cur++;
            }
            */
            if($aInfo->currency_reply == 'USD'){
                $contents[] = array('text' => '<table border="0" width="400px" cellspacing="2" cellpadding="2">');
                $price_reply = explode(',', $aInfo->price_reply); 
                $product_orders_query = tep_db_query("select * from orders_new_product where orders_id=".$aInfo->orders_id);
                $stt_product = 1;
                while($product_orders_values = tep_db_fetch_array($product_orders_query)){
                    $contents[] = array('text' => '<tr><td class="dataTableContent">Số lượng sản phẩm '.$stt_product.': </td><td class="dataTableContent">'.$product_orders_values['quanlity'].'</td></tr>');
                    $contents[] = array('text' => '<tr><td class="dataTableContent">Giá sản phẩm '.$stt_product.': </td><td class="dataTableContent">'.$price_reply[$stt_product-1].' '.$aInfo->currency_reply.'</td></tr>');  
                $stt_product++;
                }            
                $contents[] = array('text' => '<tr><td class="dataTableContent">Thuế: </td><td class="dataTableContent">'. $aInfo->tax_reply.' '.$aInfo->currency_reply.'</td></tr>');
                $contents[] = array('text' => '<tr><td class="dataTableContent">Chi phí vận chuyển: </td><td class="dataTableContent">'. $aInfo->ship_reply.' '.$aInfo->currency_reply.'</td></tr>');
                
                $sum_price = array_sum($price_reply) + $aInfo->tax_reply + $aInfo->ship_reply;
                $contents[] = array('text' => '<tr><td class="dataTableContent"><b>Tổng cộng: </b></td><td class="dataTableContent"><br /><b>'.$sum_price.' '.$aInfo->currency_reply.'</b></td></tr>');
                $contents[] = array('text' => '</table></div>');
            }else{
                $contents[] = array('text' => '<table border="0" width="400px" cellspacing="2" cellpadding="2">');
                $price_reply = explode(',', $aInfo->price_reply); 
                $product_orders_query = tep_db_query("select * from orders_new_product where orders_id=".$aInfo->orders_id);
                $stt_product = 1;
                while($product_orders_values = tep_db_fetch_array($product_orders_query)){
                    $contents[] = array('text' => '<tr><td class="dataTableContent">Số lượng sản phẩm '.$stt_product.': </td><td class="dataTableContent">'.$product_orders_values['quanlity'].'</td></tr>');
                    $contents[] = array('text' => '<tr><td class="dataTableContent">Giá sản phẩm '.$stt_product.': </td><td class="dataTableContent">'.$currencies->format($price_reply[$stt_product-1]).'</td></tr>');  
                $stt_product++;
                }            
                $contents[] = array('text' => '<tr><td class="dataTableContent">Thuế: </td><td class="dataTableContent">'. $currencies->format($aInfo->tax_reply).'</td></tr>');
                $contents[] = array('text' => '<tr><td class="dataTableContent">Chi phí vận chuyển: </td><td class="dataTableContent">'. $currencies->format($aInfo->ship_reply).'</td></tr>');
                $sum_price = array_sum($price_reply) + $aInfo->tax_reply + $aInfo->ship_reply;
                $contents[] = array('text' => '<tr><td class="dataTableContent"><b>Tổng cộng: </b></td><td class="dataTableContent"><br /><b>'.$currencies->format($sum_price).'</b></td></tr>');
                $contents[] = array('text' => '</table></div>');
            }
        }else{$contents[] = array('text' => 'Chưa báo giá.');}
        $contents[] = array('align' => 'left', 'text' => '<a href="' . tep_href_link('orders_product.php', 'aID=' . $aInfo->orders_id . '&action=price') . '">' . tep_image_button('button_price.gif', 'Báo giá') . '</a><a href="' . tep_href_link('orders_product.php', 'aID=' . $aInfo->orders_id . '&action=deposit') . '">' . tep_image_button('button_deposit.gif', 'Nhập tiền cọc') . '</a> <a href="' . tep_href_link('orders_product.php', 'aID=' . $aInfo->orders_id . '&action=edit') . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . tep_href_link('orders_product.php', 'aID=' . $aInfo->orders_id . '&action=delete') . '">' . tep_image_button('button_delete.gif', IMAGE_DELETE) . '</a>');
        
        $contents[] = array('text' => '<b>Trạng thái cập nhật:</b>');
        $contents[] = array('text' => '<table border="0" width="400px" cellspacing="0" cellpadding="0" style="padding-left:50px"><tr><td class="dataTableContent"><b>Trạng thái</b></td><td class="dataTableContent"><b>Ngày</b></td></tr>');
        $orders_status_history_query = tep_db_query("select * from orders_new_status_history where orders_id = '" . (int)$aInfo->orders_id . "' order by status_history_id desc");
        while($orders_status_history = tep_db_fetch_array($orders_status_history_query)){        
            $orders_status_his_query = tep_db_query("select * from orders_new_status where status_id = '" . (int)$orders_status_history['status_id'] . "'");
            $orders_status_his = tep_db_fetch_array($orders_status_his_query);
            if($orders_status_history['status_id'] == 0){ $status_name_his = 'Chờ xử lý'; } else { $status_name_his = $orders_status_his['status_name'];}
            $contents[] = array('text' => '<tr><td class="dataTableContent">'.$status_name_his.'</td><td class="dataTableContent">'.$orders_status_history['created'].'</td><td class="dataTableContent"><a href="' . tep_href_link('orders_product.php', 'action=deleted_status_history&aID='.$aInfo->orders_id.'&status_his_ID=' . $orders_status_history['status_history_id']) . '">' . tep_image_button('button_delete.gif', 'Xóa') . '</a></td></tr>');
        }
        $contents[] = array('text' => '</table>');
      }
      break;
  }

  if ( (tep_not_null($heading)) && (tep_not_null($contents)) ) {
    ?>
    <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td class="pageHeading">Thông tin đơn đặt hàng</td>
            </tr>
        </table></td>
      </tr>
    <?php
    echo '            <tr><td width="25%" valign="top">' . "\n";

    $box = new box;
    echo $box->infoBox($heading, $contents);

    echo '            </td></tr>' . "\n";
  }
?>
          </tr>
        </table></td>
      </tr>
    </table></td>
<!-- body_text_eof //-->
  </tr>
</table>
<!-- body_eof //-->

<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>
